3acb65d51ed486afe6b5c23214da71cb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3acb65d51ed486afe6b5c23214da71cb_JaffaCakes118
Size

35KB
MD5

3acb65d51ed486afe6b5c23214da71cb
SHA1

bcfa130267c57fc009a6e9e85fe099ae2ce12e0d
SHA256

1b7af1eef5e4a5c98f7f9677043422c039213273703089d1d7f53509ace39192
SHA512

5c6f5610e3330e24c531571a429862aba4038d07eae52dc0c9b4f8282109dea5bd1948bf6834cd49dd5c573c70ba7fd7ffe480fda1ac7c11718983ec655463f7
SSDEEP

768:WSvzWr9kePfwbnTjMGTDgZ7PG0B16y6cMTx5hnmFHs:dWrCePfwbnTjtTIDGs1Z6cYncM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3acb65d51ed486afe6b5c23214da71cb_JaffaCakes118

Files

3acb65d51ed486afe6b5c23214da71cb_JaffaCakes118
.dll windows:4 windows x86 arch:x86

1329730dfa488de7877d061e9c0c45c0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

oleaut32

SysFreeString

user32

GetKeyboardType

advapi32

RegQueryValueExA

imm32

ImmGetCompositionStringA

Exports

Exports

GetPluginInfo
GetPluginResult
GetPluginRun
PluginFunc
PluginStap

Sections

fgrt
Size: 21KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fetui
Size: 512B - Virtual size: 166B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hpqer
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ftuk
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.deerft
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE